httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dE <de.tec...@gmail.com>
Subject [users@httpd] Cannot get certificate chain to work.
Date Mon, 06 Oct 2014 15:51:41 GMT
Hi.

I'm in a situation where I got 3 certificates

server.pem -- the end user certificate which's sent by the server to the 
client.
intermediate.pem -- server.pem is signed by intermediate.pem's private key.
issuer.pem -- intermediate.pem is signed by issuer.pem's private key.

combined.pem is created by --

cat server.pem intermediate.pem > combined.pem

Issuer.pem is installed in the web browser.

The chain is working, I can verify this via the SSL command --

cat intermediate.pem issuer.pem > cert_bundle.pem
openssl verify -CAfile cert_bundle.pem server.pem
server.pem: OK

However the browsers (FF, Chrome, Konqueror and wget) fail 
authentication, claiming there are no certificates to verity 
server.pem's signature.

I'm using Apache 2.4.10 with the following --

SSLCertificateFile /tmp/combined.pem
SSLCertificateKeyFile /tmp/server.key

I can attach *.pem if you want.

Thanks for any assistance.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message